setreuid

- set real and effective user IDs

Synopsis

#include <unistd.h>
intsetreuid(uid_truid, uid_teuid);

Description

The setreuid() function is used to set the real and effective user IDs
of the calling process. If ruid is -1, the real user ID
is not changed; if euid is -1, the effective user ID is
not changed. The real and effective user IDs may be set to
different values in the same call.

If the {PRIV_PROC_SETID} privilege is asserted in the effective set of the
calling process, the real user ID and the effective user ID can
be set to any legal value.

If the {PRIV_PROC_SETID} privilege is not asserted in the effective set of
the calling process, either the real user ID can be set to
the effective user ID, or the effective user ID can either be
set to the saved set-user ID from execve() (seeexec(2)) or the real
user ID.

In either case, if the real user ID is being changed (that
is, if ruid is not -1), or the effective user ID
is being changed to a value not equal to the real user
ID, the saved set-user ID is set equal to the new effective
user ID.

All privileges are required to change to uid 0.

Return Values

Upon successful completion, 0 is returned. Otherwise, -1 is returned, errno is
set to indicate the error, and neither of the user IDs will
be changed.

Errors

The setreuid() function will fail if:

EINVAL

The value of ruid or euid is less than 0 or greater than UID_MAX (defined in <limits.h>).

EPERM

The {PRIV_PROC_SETID} privilege is not asserted in the effective set of the calling processes and a change was specified other than changing the real user ID to the effective user ID, or changing the effective user ID to the real user ID or the saved set-user ID. See privileges(5) for additional restrictions which apply when changing to UID 0.

Usage

If a set-user-ID process sets its effective user ID to its real
user ID, it can still set its effective user ID back to
the saved set-user ID.